Envoy Proxy Improper Certificate Validation Vulnerability - CVE-2022-21654 - Vulnerability Database

Envoy Proxy Improper Certificate Validation Vulnerability - CVE-2022-21654

Critical
Reference: CVE-2022-21654
Title: Envoy Proxy Improper Certificate Validation Vulnerability
Overview:

Envoy is an open source edge and service proxy designed for cloud-native applications. Envoy39s tls allows re-use when some cert validation settings have changed from their default configuration. The only workaround for this issue is to ensure that default tls settings are used. Users are advised to upgrade.